Methods and systems for securely delivering electronic mail to hosts having dynamic ip addresses

ABSTRACT

The present invention includes methods and systems for securely delivering electronic mail to electronic mail servers having dynamic IP addresses. Before requesting mail delivery, a receiving mail server having a dynamic IP address registers its dynamic IP address along with a receiving mail server code in memory accessible by a dynamic name server. The receiving mail server code is preferably also stored with the domain name for which the receiving mail server receives mail in memory accessible by a private name server. In response to a request for mail delivery, a delivering mail server utilizes the receiving mail server code stored in memory accessible by the private name server and the dynamic name server to determine the dynamic IP address.

TECHNICAL FIELD

[0001] The present invention relates to methods and systems for securelydelivering electronic mail to hosts having dynamic IP addresses. Moreparticularly, the present invention relates to methods and systems forsecurely delivering electronic mail to mail servers having dynamic IPaddresses utilizing the Simple Mail Transfer Protocol (SMTP).

BACKGROUND OF THE INVENTION

[0002] Hosts connected to a TCP/IP network communicate with each otherusing internet protocol (IP) addresses. An IP address is a numberuniquely identifying a network connection. Available Internet IPaddresses have become limited in number due to inefficient addressassignment and an increase in the number of hosts connected to theInternet. As a result, Internet service providers (ISPs) may beunwilling to allocate static IP addresses to customers without chargingsubstantial fees. A static or fixed IP address does not change for agiven network connection. For example, each time a customer with astatic IP address accesses the Internet through an ISP, the customer hasthe same IP address. Instead of allocating static IP addresses tocustomers, some ISPs allocate dynamic IP addresses. A dynamic IP addressis temporarily assigned to a user, or, more specifically, to the networkconnection of a user's machine. For example, when a customer accessesthe Internet through an ISP, the customer may be given a dynamic IPaddress. When the customer terminates the connection with the ISP, thedynamic IP address may be assigned to another customer. When the firstcustomer accesses the Internet a second time through the same ISP, he orshe may or may not receive the same IP address used in the firstconnection. Thus, dynamic IP addresses allow owners of static IPaddresses to maximize the value of each address by temporarilyallocating the address to multiple customers.

[0003] SMTP is the dominant Internet standard for delivering electronicmail. SMTP allows mail for multiple users to be delivered to a singleSMTP server. SMTP is an IP-based protocol. In order to deliverelectronic mail, a delivering mail server retrieves the IP address of areceiving mail server. The SMTP protocol was designed to route mail to aserver permanently connected to a network using a static IP address.Delivering mail to a mail server that randomly connects to a networkwith a dynamic IP address cannot be done securely using SMTP accordingto conventional mail delivery techniques. Alternatively, an SMTP serverhaving a dynamic IP address cannot securely retrieve mail. For example,in order for a delivering SMTP server to determine where to deliverelectronic mail, the delivering SMTP server determines the IP address ofthe receiving SMTP server. In order to determine the IP address of thereceiving SMTP server, the delivering SMTP server may access a DomainName System (DNS) server. A DNS server stores a database of resourcerecords containing information relating to hosts, including IP addressesof the hosts.

[0004] Determining the IP address of the receiving SMTP server is a twostep process. First, the delivering SMTP server queries the DNS serverfor the name of the receiving SMTP server. The query includes the domainname of the domain for which the receiving SMTP server receives mail.The DNS server searches its resource records for a mail exchange or MXrecord corresponding to the domain name in the query. An MX recordspecifies the name of a mail exchanger, i.e., the receiving SMTP server,responsible for receiving mail for a given domain. The DNS server sendsan MX record specifying the name of the receiving SMTP server to thedelivering SMTP server.

[0005] The next step is determining the IP address corresponding to themail exchanger name specified in the MX record received by thedelivering SMTP server. Accordingly, the delivering SMTP server queriesthe DNS server for the IP address corresponding to the name of the mailexchanger extracted from the MX record. The DNS server stores additionalresource records, known as address or A records, that pair IP addresseswith host names. Thus, if the DNS server stores the A record for themail exchanger, the A record is transmitted to the delivering SMTPserver, which can then initiate an SMTP connection to the IP addressspecified by the A record and deliver the mail. However, when thereceiving SMTP server has a dynamic IP address, the DNS server may nothave the A record for the receiving SMTP server because conventional DNSservers are not dynamically updated when a host receives a dynamic IPaddress. More particularly, no mechanism exists in the conventionalDomain Name System for dynamically or automatically updating A recordsin a DNS server. Updating may be performed manually, for example, usinga keyboard. However, such a process is time-consuming, labor-intensive,and unsuitable in a computing environment where dynamic IP addresseschange frequently. Thus, conventional DNS servers may store A recordscontaining static IP addresses only.

[0006] Since SMTP was originally designed to route mail between mailservers permanently connected to a network using fixed IP addresses, thefact that conventional DNS servers were not dynamically updatable was oflittle consequence. Conventional DNS servers stored the A records forthe permanently connected mail servers. Mail delivery to the permanentlyconnected mail servers was reasonably secure because delivering mailservers verified the addresses of receiving mail servers by accessingDNS servers before delivering mail. As long as the records stored in theDNS servers were secure, mail delivery occurred to the intendedrecipients.

[0007] However, in order to reduce network access fees, it has becomedesirable for a receiving mail server not to maintain a permanentconnection to a network. For example, a receiving mail server may accessa network periodically to retrieve mail queued by a delivering mailserver. One conventional mechanism for receiving queued mail for adomain is the SMTP TURN command. In order to retrieve mail using theTURN command, the receiving mail server first establishes an SMTPconnection with the delivering mail server. Next, the receiving mailserver issues the TURN command followed by the domain name for which thereceiving mail server receives mail. The delivering mail server thendelivers queued mail for the domain name specified in the TURN commandwithout verifying the IP address of the receiving mail server. The SMTPconnection initiated by the receiving mail server is essentiallyreversed and used by the delivering mail server to deliver mail. TheTURN command is not secure because a user can initiate an SMTPconnection, issue the TURN command, and retrieve mail for a domain forwhich he or she is not authorized to retrieve mail.

[0008] Because of the security problems associated with the TURNcommand, the SMTP ETRN command was developed as a more secure method forretrieving queued mail. In order to utilize the ETRN command to retrievemail, the receiving mail server first initiates an SMTP connection withthe delivering mail server. Next, the receiving mail server issues theETRN command followed by the domain name for which mail delivery isrequested. In response to the ETRN command, the delivering mail serverqueries a DNS server for the mail exchanger and then for the IP addressof the mail exchanger. Because the delivering mail server queries theDNS server to determine where to deliver mail, mail retrieval using theETRN command is more secure than mail retrieval using the TURN command.However, if the receiving mail server has a dynamic IP address, the DNSserver may not store the A record for the receiving mail server. As aresult, the IP address cannot be determined and mail retrieval using theETRN command fails. An alternative is to use the TURN command, which isnot secure. Thus, according to conventional delivery techniques,electronic mail could not be securely delivered to an SMTP server havinga dynamic IP address.

SUMMARY OF THE INVENTION

[0009] As used herein, the term “server” refers to a program executingon a machine, such as a computer, and providing shared services toclient processes on a network. The computer may include a memory devicethat stores the server and a processor that executes the server. Thecomputer may also include one or more network adapters, such as Ethernetadapters, that allow the server to communicate with other serversexecuting on other machines. Alternatively, multiple servers may executeon the same physical machine. However, a server, as described herein, isnot intended to be limited to use with or by any particular hardwareconfiguration. In addition, the term “server” is not intended to belimited to a program that always provides services to clients. Forexample, in some communications, servers may act as clients or peers ofother network processes.

[0010] In addition, the phrase “delivering mail server” refers to aprogram that stores and delivers mail to a receiving mail server. Thephrase “receiving mail server” refers to a program that requestsdelivery of queued mail from the delivering mail server. However,neither of these phrases is intended to be limited to a mail server thatonly delivers or only receives mail. For example, the receiving mailserver may deliver mail, and the delivering mail server may receivemail. Thus, the terms “delivering” and “receiving” are intended todescribe the functions of the mail servers with regard to a giventransaction.

[0011] As used herein, the phrase, “receiving mail server code” refersto any string or grouping of alphanumeric characters, digits, and/orsymbols preferably arranged so that the receiving mail server code isdifficult to determine. The receiving mail server code is utilized tosecurely deliver electronic mail to a receiving mail server, asdescribed in more detail below.

[0012] According to one aspect, the present invention includes one ormore name servers in communication with a delivering mail server tosecurely communicate the dynamic IP address of receiving mail servers tothe delivering mail server. A first name server hereinafter referred toas “the dynamic name server” dynamically stores records linkingreceiving mail server codes of receiving mail servers with dynamic IPaddresses of receiving mail servers. A second name server hereinafterreferred to as “the private name server” stores records linking thereceiving mail server codes with domain names for which the receivingmail servers receive mail. As used herein, the phrase “dynamic nameserver” refers to any server capable automatically registering recordslinking receiving mail server codes and dynamic IP addresses ofreceiving mail servers in response to registration requests receivedover a network. The phrase “private name server” refers to any nameserver capable of storing records linking receiving mail server codes todomain names for the receiving mail servers, wherein access to therecords is preferably limited, e.g., to a delivering mail server, inorder to protect the stored receiving mail server codes. A third nameserver, hereinafter referred to as, “the public name server” may be usedby other mail servers to route mail to the delivering mail server. Asused herein, the phrase “public name server” refers to any server thatstores records linking domain names mail exchanger names and recordslinking mail exchanger names to IP addresses, wherein the records arefreely accessible to network users. The public name server is notessential to the invention but is nonetheless mentioned forcompleteness.

[0013] According to another aspect, the present invention includes asetup phase, a connection phase, and a mail delivery phase. The setupphase may occur when a new receiving mail server and the domain(s) forwhich it receives mail are added to a network. The setup phase mayinclude generating a receiving mail server code for the receiving mailserver and linking the receiving mail server code with the domain namecorresponding to the domain for which the receiving mail server receivesmail. The receiving mail server code and the domain name are preferablyregistered with a private name server. The receiving mail server codeand the domain name are preferably also registered with the receivingmail server.

[0014] Next, during the connection phase, the receiving mail serverconnects to the network and receives a dynamic IP address. During theconnection phase, the receiving mail server preferably registers its IPaddress along with its receiving mail server code with a dynamic nameserver. The connection phase may occur each time a receiving mail serverconnects to the network and receives a dynamic IP address.

[0015] Next, during the mail retrieval phase, the receiving mail serverrequests delivery of queued mail from the delivering mail server. Thedelivering mail server first retrieves the receiving mail server codecorresponding to the domain or domains for which the receiving mailserver receives mail from the private name server. The delivering mailserver then requests the dynamic IP address from the private nameserver. The private name server determines that it does not have therecord containing the IP address, so the private name server queries thedynamic name server for the dynamic IP address. The dynamic name servertransmits the dynamic IP address to the private name server. The privatename server transmits the dynamic IP address to the delivering mailserver. The delivering mail server then creates an SMTP connection tothe IP address received from the private name server and then deliversthe mail. The mail delivery phase may occur each time the deliveringmail server requests delivery of queued mail after connecting to thenetwork and receiving a dynamic IP address.

[0016] According to another aspect, the present invention includes amethod for securely delivering electronic mail to a receiving mailserver having a dynamic IP address. The method includes registering adynamic IP address and a code of a receiving mail server to whichelectronic mail is to be delivered in a dynamic name server. In order toretrieve electronic mail, after the registration, the receiving mailserver may transmit a request for delivery of electronic mail to adelivering mail server. The delivering mail server may be a remote mailserver storing queued messages for the receiving mail server. In orderto determine where to deliver the queued mail, the delivering mailserver may transmit a request for the dynamic IP address of thereceiving mail server to a private name server, such as a DNS server.The private name server may store a database of resource records linkingreceiving mail server codes with domain names for a plurality ofreceiving mail servers. However, since the dynamic IP address of thereceiving mail server may not be stored in the private name server, theprivate name server may transmit a request for determining the dynamicIP address to the dynamic name server. The request may include thereceiving mail server code. The dynamic name server may extract thedynamic IP address based on the receiving mail server code. The dynamicIP address may then be transmitted to the delivering mail server. Thedelivering mail server may then deliver the mail to the receiving mailserver utilizing the dynamic IP address transmitted from the privatename server.

[0017] According to another aspect, the present invention may include asystem for securely delivering electronic mail to electronic mailservers having dynamic IP addresses. In the system, a delivering mailserver receives requests for electronic mail delivery from a pluralityof receiving mail servers having dynamic IP addresses via a network. Thedelivering mail server delivers electronic mail to the plurality ofreceiving mail servers. A dynamic name server receives and storesreceiving mail server codes and corresponding dynamic IP addresses ofthe receiving mail servers, e.g., during the connection phase when thereceiving mail servers are allocated dynamic IP addresses. A privatename server may be in communication with the dynamic name server and thedelivering mail server for storing the receiving mail server codes andcorresponding domain names of the plurality of receiving mail servers.The private name server may access the dynamic name server to determinedynamic IP addresses of the plurality of receiving mail servers.

[0018] According to another aspect, the present invention includes amethod for securely communicating a dynamic IP address of a receivingmail server to a delivering mail server. The method includes registeringa dynamic IP address and a receiving mail server code of a receivingmail server with a dynamic name server. Registering the dynamic IPaddress may include transmitting a name registration request packet,including the dynamic IP address and the receiving mail server code,from the receiving mail server to the dynamic name server. The receivingmail server code may also be stored with the domain name of thereceiving mail server in a private name server in communication with thedynamic name server. In response to a request for the dynamic IP addressof the receiving mail server from a delivering mail server, the privatename server may extract the receiving mail server code from its records.The private name server may then transmit a request for the dynamic IPaddress to the dynamic name server. The request may include thereceiving mail server code. The dynamic name server, having previouslyregistered the dynamic IP address with the receiving mail server code,extracts the dynamic IP address from its records. The dynamic IP addressis then transmitted to the delivering mail server. Transmitting thedynamic IP address to the delivering mail server may include firsttransmitting the dynamic IP address to the private name server. Theprivate name server may then transmit the dynamic IP address to thedelivering mail server.

[0019] According to another aspect, the present invention may include acomputer-readable medium having computer-executable instructions forperforming steps for retrieving mail from a mail server. The steps mayinclude identifying a routeable dynamic IP address received from anetwork. Next, a receiving mail server code previously stored with thereceiving mail server, e.g., during the setup phase, may be retrievedand linked with the dynamic IP address. If the receiving mail servercode is encrypted, it is preferably decrypted before being linked withthe dynamic IP address. Next, the receiving mail server code and thedynamic IP address may be registered with a dynamic name server. Thereceiving mail server may then request and receive mail securely.

[0020] According to another aspect, the present invention may include acomputer-readable medium having stored thereon a data structure. Thedata structure may include an A record. The A record may include a firstdata field containing data representing a secret receiving mail servercode of a receiving mail server and a second data field containing datarepresenting a dynamic IP address of the receiving mail server.

[0021] According to another aspect, the present invention may include acomputer-readable medium having stored thereon a data structure. Thedata structure may include an MX record. The MX record may include afirst data field containing data representing a secret receiving mailserver code of a receiving mail server and a second data fieldcontaining data representing a domain name of a domain for which thereceiving mail server receives mail.

BRIEF DESCRIPTION OF THE DRAWING

[0022]FIG. 1 is a block diagram of an exemplary operating environmentfor computer-executable instructions according to embodiments of thepresent invention.

[0023]FIG. 2 is a flow diagram of a method and a system for securelydelivering electronic mail to a mail server having a dynamic IP addressaccording to an embodiment of the present invention.

[0024]FIG. 3 is a flow chart of a process for securely deliveringelectronic mail to a mail server having a dynamic IP address accordingto an embodiment of the present invention.

[0025]FIG. 4 is a diagram of an exemplary data structure of an A recordaccording to an embodiment of the present invention.

[0026]FIG. 5 is a diagram of an exemplary data structure of an MX recordaccording to an embodiment of the present invention.

[0027]FIG. 6 is a network diagram of a system for securely deliveringelectronic mail to a mail server having a dynamic IP address accordingto an embodiment of the present invention.

[0028]FIG. 7 is a flow chart illustrating an exemplary process that maybe performed by a receiving mail server to retrieve electronic mailafter receiving a dynamic IP address according to an embodiment of thepresent invention.

DETAILED DESCRIPTION OF THE INVENTION Exemplary Operating Environment

[0029]FIG. 1 and the following discussion are intended to provide abrief, general description of a suitable computing environment in whichthe invention may be implemented. For example, embodiments of thepresent invention may include a receiving mail server 101, a dynamicname server 102, a delivering mail server 103, and a private name server104, all of which are illustrated in FIG. 2. Any or all of these serversmay be implemented in the computing environment illustrated in FIG. 1.Although not required, the invention will be described in the generalcontext of computer-executable instructions, such as program modules,being executed by a personal computer. Generally, program modulesinclude routines, programs, objects, components, data structures, etc.that perform particular tasks or implement particular abstract datatypes. Moreover, those skilled in the art will appreciate that theinvention may be practiced with other computer system configurations,including hand-held devices, multiprocessor systems,microprocessor-based or programmable consumer electronics, network PCs,minicomputers, mainframe computers, and the like. The invention may alsobe practiced in distributed computing environments where tasks areperformed by remote processing devices that are linked through acommunications network. In a distributed computing environment, programmodules may be located in both local and remote memory storage devices.

[0030] With reference to FIG. 1, an exemplary system for implementingany of the servers, data structures, or other programs for securelydelivering electronic mail to mail servers according to embodiments ofthe present invention may include a general purpose computing device,such as a conventional personal computer 20. The personal computer 20may include a processing unit 21, a system memory 22, and a system bus23 that couples various system components including the system memory tothe processing unit 21. The system bus 23 may be any of several types ofbus structures including a memory bus or memory controller, a peripheralbus, and a local bus using any of a variety of bus architectures. Thesystem memory includes read only memory (ROM) 24 and random accessmemory (RAM) 25. A basic input/output system 26 (BIOS) containing thebasic routines that helps to transfer information between elementswithin the personal computer 20, such as during start-up, is stored inROM 24. The personal computer 20 further includes a hard disk drive 27for reading from and writing to a hard disk, not shown, a magnetic diskdrive 28 for reading from or writing to a removable magnetic disk 29,and an optical disk drive 30 for reading from or writing to a removableoptical disk 31 such as a CD ROM or other optical media.

[0031] The hard disk drive 27, magnetic disk drive 28, and optical diskdrive 30 are connected to the system bus 23 by a hard disk driveinterface 32, a magnetic disk drive interface 33, and an optical driveinterface 34, respectively. The drives and their associatedcomputer-readable media provide nonvolatile storage of computer readableinstructions, data structures, program modules and other data for thepersonal computer 20. Exemplary instructions and data structures thatmay be stored in these computer readable media according to embodimentsof the present invention include mail servers, name servers, receivingmail server codes, IP addresses, MX records, A records, or any otherinstructions and data structures utilized to securely deliver electronicmail to mail servers having dynamic IP addresses. Although the exemplaryenvironment described herein employs a hard disk, a removable magneticdisk 29 and a removable optical disk 31, it should be appreciated bythose skilled in the art that other types of computer readable mediawhich can store data that is accessible by a computer, such as magneticcassettes, flash memory cards, digital video disks, Bernoullicartridges, random access memories (RAMs), read only memories (ROM), andthe like, may also be used in the exemplary operating environment.

[0032] A number of program modules may be stored on the hard disk,magnetic disk 29, optical disk 31, ROM 24 or RAM 25, including anoperating system 35, one or more application programs 36, such as mailservers and name servers according to embodiments of the presentinvention, other program modules 37, and program data 38, such asdynamic IP addresses, domain names, and receiving mail server codesaccording to embodiments of the present invention. A user may entercommands and information into the personal computer 20 through inputdevices such as a keyboard 40 and pointing device 42. Other inputdevices (not shown) may include a microphone, joystick, game pad,satellite dish, scanner, or the like. These and other input devices areoften connected to the processing unit 21 through a serial portinterface 46 that is coupled to the system bus, but may be connected tothe processing unit 21 by other interfaces, such as a parallel port,game port or a universal serial bus (USB). A monitor 47 or other type ofdisplay device is also connected to the system bus 23 via an interface,such as a video adapter 48. In addition to the monitor, personalcomputers typically include other peripheral output devices (not shown),such as speakers and printers.

[0033] The personal computer 20 may operate in a networked environmentusing logical connections to one or more remote computers, such as aremote computer 49. The remote computer 49 may be another personalcomputer, a server, a router, a network PC, a peer device or othercommon network node, and typically includes many or all of the elementsdescribed above relative to the personal computer 20, although only amemory storage device has been illustrated in FIG. 1. For example, thepersonal computer 20 may embody a receiving mail server and the remotecomputer 49 may embody a delivering mail server. The logical connectionsdepicted in FIG. 1 include a local area network (LAN) 51 and a wide areanetwork (WAN) 52. Such networking environments are commonplace inoffices, enterprise-wide computer networks, intranets and the Internet.

[0034] When used in a LAN networking environment, the personal computer20 is connected to the local network 51 through a network interface oradapter 53. The network interface 53 may be connected to a cable modemor ADSL device. When used in a WAN networking environment, the personalcomputer 20 typically includes a modem 54 or other means forestablishing communications over the wide area network 52, such as theInternet. The modem 54, which may be internal or external, is connectedto the system bus 23 via the serial port interface 46. In a networkedenvironment, program modules depicted relative to the personal computer20, or portions thereof, may be stored in the remote memory storagedevice. Thus, any of the servers, such as the name servers or the mailservers according to embodiments of the present invention, may storeprogram data, such as receiving mail server codes, domain names, and IPaddresses, in remote memory storage devices. It will be appreciated thatthe network connections shown are exemplary and other means ofestablishing a communications link between the computers may be used.

[0035]FIGS. 2 and 3 illustrate a process, e.g., a set of computerexecutable instructions, for secure delivery of electronic mail to amail server having a dynamic IP address according to an embodiment ofthe present invention. The instructions illustrated in FIGS. 2 and 3 maybe stored on a computer-readable medium, for example, any of thecomputer-readable media illustrated in FIG. 1. In FIG. 2, a receivingmail server 101, such as an SMTP server, may receive a dynamic IPaddress, for example, when the receiving mail server accesses a network,such as the Internet. According to an important aspect of the invention,the receiving mail server 101 preferably registers the dynamic IPaddress along with a receiving mail server code with a dynamic nameserver 102. (Step ST1) The registration may occur during the connectionphase when the receiving mail server accesses the network. The receivingmail server code registered with the dynamic name server 102 ispreferably secret, i.e., structured and stored to reduce the likelihoodof discovery by someone attempting to impersonate the receiving mailserver 101 and steal electronic mail. The generation and storage of anexemplary receiving mail server code are discussed in more detail below.

[0036] In a preferred embodiment, the dynamic name server 102 comprisesa dynamically updatable name server, such as a “Windows” Internet NameService (WINS) server. The present invention is not limited toregistering the receiving mail server code and the dynamic IP address ofthe receiving mail server 101 with a WINS server. Any server capable ofdynamically updating a database of receiving mail server codes and IPaddresses is within the scope of the invention. Using a WINS server ispreferred because WINS servers allow users to dynamically registerreceiving mail server codes and dynamic IP addresses by transmitting aname registration request, including a receiving mail server code and adynamic IP address, to the WINS server. Thus, unlike conventional DNSservers, WINS servers are capable of maintaining a dynamically updateddatabase of receiving mail server codes and dynamic IP addresses. WINSservers are conventionally used in small business computer networks toallow users to self-register machine names and IP addresses andcommunicate with other users connected to the small business computernetwork. In the present embodiment, rather than storing machine namesand IP addresses of machines in a local network, the dynamic name server102 stores receiving mail server codes and dynamic IP addresses forsecure delivery of electronic mail to remote mail servers. Moreover,unlike the conventional use of the WINS server, access to the recordsstoring the receiving mail server codes may be limited to preventunauthorized discovery of the receiving mail server codes. In analternative embodiment, the dynamic name server 102 may comprise adynamic DNS server.

[0037] After registering the receiving mail server code and the dynamicIP address with the dynamic name server 102, the receiving mail server101 may request mail delivery for a domain name from a delivering mailserver 103 for example, using SMTP. (Step ST2) In response to therequest for mail delivery, the delivering mail server 103 transmits arequest for the name of the mail server that receives mail for thedomain name received in ST2 to a private name server 104. (Step ST3) Theprivate name server 104 is preferably a DNS server. However, instead ofstoring a record mapping the machine name of the receiving mail server101 with a domain, the private name server 104 stores a record linkingthe receiving mail server code and the domain name of a domain for whichthe receiving mail server receives mail. Multiple domain names can belinked with the same receiving mail server code. This record may becreated and stored at some time prior to the request for mail delivery,for example, when the owner of the receiving mail server 101 contractsfor services from the owner of the delivering mail server 103, i.e.,during the setup phase. The private name server 104 then transmits therecord linking the domain name and the receiving mail server code to thedelivering mail server 103. (Step ST4) The delivering mail server 103transmits a request for the dynamic IP address corresponding to thereceiving mail server code to the private name server 104. (Step ST5)The private name server 104 may not store a record linking the IPaddress of the receiving mail server 101 with the receiving mail servercode, since the receiving mail server 101 has a dynamic IP address. Oncethe private name server 104 determines that it does not have the recordlinking the receiving mail server code with the dynamic IP address, theprivate name server requests the record from the dynamic name server 102(Step ST6). The dynamic name server 102, having stored the dynamic IPaddress and the receiving mail server code during the registration,extracts the record containing the dynamic IP address and transmits therecord containing the IP address of the receiving mail server 101 to theprivate name server 104. (Step ST7) The private name server 104transmits the record including the dynamic IP address of the receivingmail server 101 to the delivering mail server 103. (Step ST8) Finally,the delivering mail server 103 delivers electronic mail to the receivingmail server 101. (Step ST9) Thus, electronic mail can be securelydelivered to a mail server, even when the mail server has a dynamic IPaddress. The delivery is secure because the receiving mail server codestored by the name servers and the receiving mail server is preferablysecret. An unauthorized user cannot impersonate the receiving mailserver and receive mail without knowing the receiving mail server code.

[0038] Each of the steps in FIG. 3 is discussed in more detail below. InStep ST1, the receiving mail server 101 registers a dynamic IP addressand a receiving mail server code with the dynamic name server 102. Thereceiving mail server code may be any combination of alphanumericcharacters, digits, and/or symbols that are preferably arranged so thatthe receiving mail server code is difficult to determine. For example,the receiving mail server code may comprise a random or pseudo-randomstring of characters, such as “AXRY14TJLM.” Alternatively, the receivingmail server code may comprise a pure binary value that does nottranslate into alphanumeric characters. The length of the receiving mailserver code may vary according to the desired level of security. Forexample, the longer the receiving mail server code, the more difficultthe receiving mail server code is to determine through iterativetechniques. In this example, the receiving mail server code is aten-character string.

[0039] The receiving mail server code may be generated by the receivingmail server 101, the delivering mail server 103, or by any program incommunication with the receiving mail server 101 or the delivering mailserver 103. For example, the receiving mail server code may be generatedby a program executing on a machine at an ISP and downloaded to thereceiving mail server 101 the first time that the receiving mail server101 connects to the ISP, e.g., during the setup phase. Alternatively,the receiving mail server may include the program for generating thereceiving mail server code and upload the receiving mail server code tothe ISP when the receiving mail server 101 connects to the ISP for thefirst time. The program or algorithm for generating the receiving mailserver code may comprise any suitable algorithm for generating a codehaving the characteristics described above. For example, the algorithmmay comprise a random or pseudo-random number generation algorithm. Oncethe receiving mail server code is generated, the receiving mail servercode is preferably stored by the receiving mail server 101, e.g., inmemory accessible by the receiving mail server 101, to be used in thereceiving mail server code registration process.

[0040] In order to register the receiving mail server code and thedynamic IP address with the dynamic name server 102, the receiving mailserver 101 preferably constructs a packet of registration data in aformat recognizable by the dynamic name server 102. If the dynamic nameserver 102 is a WINS server, the packet may be a name registrationrequest. In general, a name registration request includes a headersection, a question section, and a resource record section. Details ofthe structure of the header section and the question section aredescribed in Request For Comments (RFC) 1002, entitled, “ProtocolStandard For NetBIOS Service on a TCP/UDP Transport: DetailedSpecifications,” by The NetBIOS Working Group (March 1987), thedisclosure of which is incorporated herein by reference. The resourcerecord section contains the data being registered with the dynamic nameserver 102. Since the data being registered includes the dynamic IPaddress of the receiving mail server 101, the resource record is anaddress or A record.

[0041]FIG. 4 illustrates an exemplary data structure for an A recordaccording to an embodiment of the present invention. The data structureillustrated in FIG. 4 may be embodied in any computer-readable medium,for example, any of the computer-readable media illustrated in FIG. 1.In FIG. 4, the words in parenthesis indicate the field names for eachblock of the A record. The characters under each field name indicatetextual representations of data, which may be stored in each fieldaccording to the present embodiment. For example, block 130 representsthe Resource Domain Name field. The Resource Domain Name field istraditionally used to store the domain name of the machine to which therecord pertains. For instance, if the name of the receiving mail serveris “mailbox” and the domain to which the machine is connected is“smallbiz.com,” then the Resource Domain Name field may store“mailbox.smallbiz.com.” In the illustrated embodiment, the ResourceDomain Name field stores the receiving mail server code, for example,“AXRY14TJLM.” Block 138 represents the IP address field for storing theIP address corresponding to the name in block 130. In the illustratedembodiment, block 138 stores the dynamic IP address of the receivingmail server, for example, “131.100.100.13.” Block 136 represents theType field indicating the type of data contained in the resource record.For an A record, the Type field contains the character “A,” representing“Address.” Blocks 132 and 134 respectively represent the Network Classfield and the Time to Live field of the A record.

[0042] The values in these blocks are not essential to the invention.For purposes of the examples used to illustrate the present embodiment,the characters “IN” for Internet class are used for the Network Classfield, and the Time to Live field is blank, since it is optional. Thus,the textural representation of an exemplary A record stored in thedynamic name server 102 according to the present embodiment using thereceiving mail server code and the dynamic IP address of the receivingmail server 101 may be as follows:

AXRY14TJLM IN A 131.100.100.13.

[0043] The dynamic name server 102 preferably maintains a dynamicallyupdated database of A records containing receiving mail server codes anddynamic IP addresses of a plurality of receiving mail servers.

[0044] The present invention is not limited to linking dynamic IPaddresses with receiving mail server codes using A records. Any datastructure for linking a dynamic IP address with a receiving mail servercode is within the scope of the invention. In addition, the presentinvention is not limited to storing the records linking IP addresses andreceiving mail server codes in a WINS server. Any type of server capableof dynamically registering records linking receiving mail server codeswith dynamic IP addresses is within the scope of the invention.

[0045] In Step ST2, the receiving mail server 101 transmits a maildelivery request command to the delivering mail server 103. In apreferred embodiment of the invention, the mail delivery request commandis the SMTP ETRN command. As discussed above, the ETRN command wasdeveloped to allow remote users to receive queued mail over a transientconnection to an ISP. The ETRN command is an Internet standard forremote delivery of queued mail. The ETRN command instructs thedelivering mail server 103 to establish a separate SMTP connection withthe receiving mail server 101 to deliver mail, rather than reversing themail delivery request connection. Establishing a separate connectionenhances security because the delivering mail server accesses a nameserver to determine where to deliver the mail, instead of relying on aname provided by an unknown requester. For example, prior to the ETRNcommand, some mail servers used the SMTP TURN command to receive queuedmail. The TURN command is not secure because the delivering mail serverdoes not access a DNS server to verify the name of the receiving mailserver. For example, after establishing an SMTP connection with an SMTPmail server, a user may enter the command “TURN smallbiz.com.” Thedelivering mail server then delivers all mail intended for smallbiz.comto the user's IP address without extracting the MX record from a DNSserver to determine whether the user is a mail server authorized toreceive mail for smallbiz.com. The ETRN command is an improvement overthe TURN command because the delivering mail server accesses a domainname server to determine the name of the mail exchanger authorized toreceive mail for a domain. However, prior to the present invention, maildelivery using the SMTP ETRN command could not be performed unless thereceiving mail server had a static IP address because conventional DNSservers may not be updated when a receiving SMTP server receives adynamic IP address.

[0046] The present invention is not limited to using the ETRN command tostart delivery of queued mail. Any command that causes the deliveringmail server to perform name verification before delivering mail iswithin the scope of the invention.

[0047] In step ST3, the delivering mail server 103 requests the name ofthe mail exchanger authorized to receive mail for the domain specifiedin the ETRN command. As discussed above, according to SMTP, thedelivering mail server 103 requests the MX record to determine the nameof the receiving mail server 101. FIG. 5 shows an exemplary format of anMX record according to the present embodiment. The data structureillustrated in FIG. may be embodied in a computer-readable medium, forexample, any of the computer-readable media illustrated in FIG. 1. InFIG. 5, the words in parenthesis inside each block indicate the fieldtypes for the MX record. The characters under each block illustrateexemplary data in textual format for each field according to the presentembodiment. Block 150 indicates the Exchange-Dname field. This field isconventionally used to store the domain name of the mail exchanger,i.e., the receiving mail server. However, according to the presentembodiment, block 150 is used to store the receiving mail server codecorresponding to the dynamic IP address, for example, “AXRY14TJLM.”Block 140 represents the Resource Domain Name field. This field storesthe domain name of the domain for which the receiving mail serverhandles mail, e.g., smallbiz.com. Block 142 represents the Class field.For purposes of the present example, the Class field is assumed to be INor Internet. Block 144 represents the Time to Live field. The Time toLive field is used for caching. The Time to Live field is not essentialin explaining the present embodiment, and is left blank. Block 46represents the Preference field. The Preference field stores a numericpriority value that allows the delivering mail server to select amongmultiple MX records when multiple mail exchangers deliver mail for adomain. The preference value is not important in explaining the presentembodiment, since only one receiving mail machine has been described.Thus, in the illustrated embodiment, the preference value is set to 0.An example of an MX record in textual format according to the presentembodiment may be as follows:

smallbiz.com. IN MX 0 AXRY14TJLM

[0048] The MX record according to the present embodiment may be storedin the private name server 104 at any time prior to the request for maildelivery. For example, the MX record may be stored when the owner of thereceiving mail server 101 contracts for services with the owner of thedelivering mail server 103 and the receiving mail server is added to thenetwork, i.e., during the setup phase. The private name server 104performs a search of its MX records for the MX record corresponding tothe domain for which the receiving mail server 101 receives mail. Afterlocating the MX record, the private name server 104 transmits the MXrecord including the receiving mail server code to the delivering mailserver 103 (Step ST4).

[0049] The present invention is not limited to using MX records to linkreceiving mail server codes with domain names of receiving mail servers.Any data structure for linking the receiving mail server codes and thedomain names is within the scope of the invention.

[0050] After receiving the MX record, the delivering mail server 103queries the private name server for the A record corresponding to thereceiving mail server code in the MX record. (Step ST5) The private nameserver 104 performs a search of its resource records, for example, usingthe receiving mail server code specified in the request received fromthe delivering mail server 103. However, since the receiving mail server101 has a dynamic IP address, the private name server 104 may not storean A record for the receiving mail server 101. The private name server104 preferably does, however, store a record that points to the dynamicname server 102 for A records that it does not contain. When the dynamicname server 102 comprises a WINS server, the record is known as a WINSrecord. The private name server 104 thus queries the dynamic name server102 for the A record. (Step ST6) An exemplary format for the query isthe name query request, as described in RFC 1002. The dynamic nameserver 102 stores the A record including the receiving mail server codeand the dynamic IP address because the A record was previouslyregistered in Step ST1 by the receiving mail server 101. Thus, thedynamic name server 102 locates the A record, for example, by executinga look-up algorithm of its A records using the receiving mail servercode received in the query from the dynamic name server 102. The dynamicname server 102 then transmits the A record including the dynamic IPaddress and the receiving mail server code to the private name server104. (Step ST7) The private name server 104 delivers the A record to thedelivering mail server 103. (Step ST8) The delivering mail server 103then establishes an SMTP connection with the machine corresponding tothe dynamic IP address specified by the A record and delivers mail tothat machine. (Step ST9) Since the receiving mail server code and thedynamic IP address were registered by the receiving mail server 101, themail reaches its intended destination.

[0051] Mail delivery following receipt of the dynamic IP addresspreferably follows the Simple Mail Transfer Protocol, as described, forexample, in RFC 821, entitled “Simple Mail Transfer Protocol,” byJonathan Postel (August 1982), the disclosure of which is incorporatedherein by reference. The present invention is not limited to the SimpleMail Transport Protocol as defined in RFC 821. For example, SMTP maildelivery according to the present invention may include any extensionsand modifications of the basic protocol, for example, extensions andmodifications pursuant to RFC 1869, entitled, “SMTP Service Extensions,”by J. Klensin et al. (November 1995), the disclosure of which is alsoincorporated herein by reference.

[0052] After receiving mail, the receiving mail server 101 mayunregister the A record containing the receiving mail server code fromthe dynamic name server 102 to reduce the likelihood of discovery of thereceiving mail server code. Thus, if the dynamic name server iscompromised, only receiving mail server codes being used in pending mailtransactions are discoverable. An exemplary command for unregisteringdata from a WINS server is the name overwrite request described in RFC1002. Because the receiving mail server code is preferably secret and aseparate SMTP connection is established to deliver the mail, maildelivery is secure.

[0053]FIG. 6 is a network diagram illustrating an exemplary system forsecurely delivering electronic mail to mail servers having dynamic IPaddresses according to an embodiment of the present invention. In theillustrated embodiment, the system includes a dynamic name server 102including a first interface in communication with a public network 108,such as the Internet, and a second interface in communication with aprivate network 109. The dynamic name server 102 is preferably adynamically updatable server, such as a WINS server. The dynamic nameserver 102 registers dynamic IP addresses and corresponding receivingmail server codes from receiving mail servers, such as the receivingmail server 101. The dynamic name server 102 preferably stores thereceiving mail server codes and the corresponding IP addresses as Arecords. A private name server 104 includes a first interface coupled tothe second interface of the dynamic name server 102 via the privatenetwork 109.

[0054] The private name server 104 preferably comprises a DNS server.The private name server 104 stores records, preferably MX records,pairing the receiving mail server codes stored by the dynamic nameserver 102 with domain names. The private name server 104 is preferablyhidden from the public network 108 to enhance the security of thereceiving mail server codes. A delivering mail server 103 includes afirst interface in communication with the public network 108 and asecond interface in communication with the private network 109 todeliver mail to the receiving mail server 101 via the public network108. The delivering mail server 103 may also communicate with additionalprivate or public networks to deliver mail to a plurality of receivingmail servers. The delivering mail server 103 is preferably an SMTPserver. In the illustrated embodiment, the dynamic name server 102 andthe delivering mail server 103 execute on the same machine.

[0055] In order to retrieve mail, the receiving mail server 101 mayaccess the public network 108 through any suitable means, for example,using a modem. The modem may access a communication link 105, such asthe public telephone network. A network access server, such as a router106, including a modem or a plurality of modems, receives calls frommail servers requesting mail delivery. Thus, one of the modems of therouter 106 may receive the call from the receiving mail server 101 overthe communication link 105. A dialup access network 107 may provide apassword authentication service before allowing customer access to thepublic network 108. Thus, the dialup access network 107 may connect thereceiving mail server 101 to the public network 108 only after verifyinga password. In an alternative arrangement, customers may connect to thedelivering mail server through a private network (not shown), i.e., anetwork that is not accessible to non-subscribers of the privatenetwork. Once connected to the public network 108, the receiving mailserver 101 may receive a dynamic IP address and request delivery ofelectronic mail.

[0056] The dynamic and private name servers 102 and 104, the deliveringmail server 103, the router 106, and the dialup access network 107 maybe managed by an ISP providing electronic mail and Internet services toremote customers. Additional servers, such as public name servers, maycommunicate with the other servers at the ISP through the public andprivate networks. These servers are not essential in explaining thepresent embodiment and are therefore not shown in FIG. 6. The receivingmail server 101 may be located remotely from the ISP, for example, at acompany receiving Internet and electronic mail service from the ISP.However, the present invention is not limited to any particular locationof the receiving mail server 101.

[0057] As stated above, the private name server 104 that stores the MXrecords pairing the receiving mail server codes and the receiving mailserver domain names is preferably hidden from, i.e., not directlyconnected to, the public network 108. In the illustrated embodiment, thedelivering mail server 103 and the dynamic name server 102 are connectedto the public network 108. In order to reduce the likelihood of asecurity breach of the private name server 104, the delivering mailserver 103 and the dynamic name server 102 preferably respond to alimited set of commands, e.g., name registration requests and ETRNcommands, received from the public network 108. In order to furtherenhance the security of the receiving mail server codes stored in theprivate name server 104, a firewall server may be provided at anylogical location between the private name server 104 and the publicnetwork 108, for example, between the delivering mail server 103 and thepublic network 108. In addition, the private name server 104 may bedirectly connected to the public network 108 through the firewall.Implementations of firewall servers, which may be suitable, includepacket filters, stateful inspection filters, and combinations of packetand stateful inspection filters. Any type of firewall server forprotecting the stored receiving mail server codes is within the scope ofthe invention. In addition, to further enhance security, the receivingmail server codes stored in the private name server 104, the dynamicname server 102, and/or the receiving mail server 101 may be encrypted.

[0058] The present invention is not limited to the embodimentillustrated in FIG. 6. For example, because TCP/IP application levelcommunications occur on different logical ports of a machine, thedelivering mail server 103, the dynamic name server 102, and the privatename server 104 may execute on the same physical machine. In anotheralternative, each of the servers may execute on separate machines toenhance processing speed. Any combination of servers and machines iswithin the scope of the invention.

[0059] The following example illustrates how a receiving mail serverconnected to a small business computer network having a domain name ofsmallbiz.com may utilize the system of FIG. 6 to securely retrieveelectronic mail. First, when the owner of the receiving mail server 101contracts with the Internet service provider, the Internet serviceprovider may generate the receiving mail server code and store thereceiving mail server code in an MX record including the domain namesmallbiz.com in the private name server 104. The receiving mail servercode is preferably also stored in memory accessible by the receivingmail server 101 to be used in secure mail transactions. For example, thereceiving mail server code may be downloaded with the customer'sInternet access software. In order to retrieve mail, the receiving mailserver 101 connects to the public network 108 through any suitablemeans, for example, using a modem, as described above. In order tocommunicate with other machines connected to the public network 108, thereceiving mail server preferably receives an IP address. Becauseavailable IP addresses may be limited, the receiving mail server mayreceive a dynamic IP address, for example, from a dynamic hostconfiguration protocol (DHCP) server or a RADIUS server located at theInternet service provider. In this example, it is assumed that thereceiving mail server 101 is given a dynamic IP address of131.100.100.13.

[0060] After receiving the dynamic IP address, the receiving mail server101 executes a program for retrieving its mail. FIG. 7 illustratesexemplary steps which may be performed by the receiving mail server 101after receiving a dynamic IP address in order to securely retrieveelectronic mail. The steps may are preferably computer-executableinstructions, i.e., a program, embodied in a computer-readable medium,for example, any of the computer-readable media illustrated in FIG. 1.In order to retrieve mail, the program evaluates network interfaces ofthe receiving mail server to identify a valid Internet address. (StepST21) Nonrouteable default IP addresses, which may have been stored bythe receiving mail server 101 for use in local area networkcommunications, are preferably ignored. When the program locates thedynamic IP address received from the Internet service provider, thataddress is selected as the address for mail communications, provided itis a routeable Internet address.

[0061] After locating the dynamic IP address, the receiving mail server101 sends a name registration request to the dynamic name server 102 atthe ISP. (Step ST22) The name registration request includes the dynamicIP address and a receiving mail server code. The dynamic name server 102stores the A record including the dynamic IP address and the receivingmail server code.

[0062] After sending the name registration request, the receiving mailserver 101 may request delivery of electronic mail. (Step ST23) First,the receiving mail server 101 establishes an SMTP connection with thedelivering mail server 103, for example, using logical port 25. Afterestablishing the connection, the receiving mail server 101 may transmitthe SMTP command “EHLO” to identify the receiving mail server 101 anddetermine SMTP commands supported by the delivering mail server 103. Thedelivering mail server 103 responds by sending a list of SMTP commandsthat the delivering mail server 103 supports. After receiving the listof commands, the receiving mail server 101 transmits the command “ETRNsmallbiz.com.” In response, the delivering mail server 103 first queriesthe private name server 104 for the MX record to identify the name ofthe mail server responsible for receiving mail for smallbiz.com. In thisexample, the private name server 104 may respond by transmitting the MXrecord, “smallbiz.com. IN MX 0 AXRY14TJLM” to the delivering mail server103. Alternatively, the private name server may transmit only thereceiving mail server code to the delivering mail server 102. Thedelivering mail server 103 then queries the private name server 104 forthe A record corresponding to AXRY14TJLM. The private name server 104does not have an A record for AXRY14TJLM. However, the private nameserver 104 may store a WINS record pointing to the dynamic name server102. The private name server 104 queries the dynamic name server 102 forthe A record for AXRY14TJLM. This process is known as a WINS referral.The dynamic name server 102 may respond by transmitting the A record“AXRY14TJLM IN A 131.100.100.13.” to the private name server 104. Theprivate name server 104 transmits the A record to the delivering mailserver 103. The delivering mail server 103 establishes an SMTPconnection to machine located at the IP address 131.100.100.13 anddelivers the mail to that machine. The receiving mail server 101 maythen receive the mail (Step ST24) and distribute the mail to users ofits site. Thus, secure delivery of electronic mail to a mail serverhaving a dynamic IP address is achieved. Because the receiving mailserver code is preferably secret, unauthorized users cannot impersonatethe receiving mail server 101 and steal electronic mail. For example,without knowing the receiving mail server code, a user cannot registerthe receiving mail server code and the user's IP address with thedynamic name server 102. Moreover, as discussed above, the receivingmail server preferably unregisters the receiving mail server code andthe dynamic IP address after receiving mail. (Step ST25)

[0063] While the invention has been described in some detail by way ofillustration and example, it should be understood that the invention issusceptible to various modifications and alternative forms, and is notrestricted to the specific embodiments set forth. It should beunderstood that these specific embodiments are not intended to limit theinvention but, on the contrary, the intention is to cover allmodifications, equivalents, and alternatives falling within the spiritand scope of the invention.

What is claimed is:
 1. A method for securely delivering electronic mailto a mail server having a dynamic IP address comprising: registering adynamic IP address and a receiving mail server code of a receiving mailserver with a dynamic name server; transmitting a request for deliveryof electronic mail from the receiving mail server to a delivering mailserver; transmitting a request for the dynamic IP address from thedelivering mail server to a private name server; transmitting a requestfor determining the dynamic IP address from the private name server tothe dynamic name server, the request including the receiving mail servercode; extracting the dynamic IP address from the dynamic name serverbased on the receiving mail server code; transmitting the dynamic IPaddress to the delivering mail server; and delivering electronic mailfrom the delivering mail server to the receiving mail server utilizingthe dynamic IP address extracted from the dynamic name server.
 2. Themethod of claim 1 wherein registering a dynamic IP address and areceiving mail server code comprises: allocating memory for an A recordhaving a Resource Domain Name field and an IP address field; storing thereceiving mail server code in the Resource Domain Name field; andstoring the dynamic IP address in the IP address field.
 3. The method ofclaim 1 comprising, before transmitting the request for delivery ofelectronic mail, storing the dynamic IP address of the receiving mailserver and the receiving mail server code in the private name server. 4.The method of claim 3 wherein storing the IP address and the receivingmail server code in the private name server comprises: allocating memoryfor an MX record having an Exchange-Dname field and a Resource Domainfield; storing the receiving mail server code in the Exchange-Dnamefield; and storing a domain name for which the receiving mail serverreceives mail in the Resource Domain Name field.
 5. The method of claim4 wherein transmitting a request for the dynamic IP address from thedelivering mail server to the private name server comprises:transmitting a request for the MX record from the delivering mail serverto the private name server; extracting the MX record from the privatename server; transmitting the MX record from the private name server tothe delivering mail server; and transmitting a request for the A recordfrom the delivering mail server to the private name server.
 6. Themethod of claim 1 wherein transmitting a request for delivery ofelectronic mail comprises transmitting an SMTP ETRN command from thereceiving mail server to the delivering mail server.
 7. The method ofclaim 1 wherein registering a dynamic IP address and a receiving mailserver code comprises registering a dynamic IP address and a secretreceiving mail server code with the dynamic name server.
 8. The methodof claim 7 wherein registering a dynamic IP address and a secretreceiving mail server code comprises transmitting a name registrationrequest including the dynamic IP address and the secret receiving mailserver code to a WINS server.
 9. A system for securely deliveringelectronic mail to electronic mail servers having dynamic IP addressescomprising: a delivering mail server for receiving requests forelectronic mail delivery from a plurality of receiving mail servershaving dynamic IP addresses via a network and for delivering electronicmail to the plurality of receiving mail servers; a dynamic name serverfor receiving and storing receiving mail server codes and correspondingdynamic IP addresses of the receiving mail servers; and a private nameserver in communication with the dynamic name server and the deliveringmail server for storing the receiving mail server codes andcorresponding domain names of the plurality of receiving mail servers,wherein the private name server accesses the dynamic name server todetermine dynamic IP addresses of the plurality of receiving mailservers.
 10. The system of claim 9 wherein the dynamic name servercomprises a WINS server.
 11. The system of claim 9 wherein the dynamicname server comprises a dynamic DNS server.
 12. The system of claim 9wherein the private name server comprises a DNS server.
 13. The systemof claim 9 wherein the delivering mail server comprises an SMTP server.14. The system of claim 9 wherein the dynamic name server stores aplurality of A records having Resource Domain Name fields and IP addressfields, wherein the receiving mail server codes are stored in theResource Domain Name fields and the dynamic IP addresses are stored inthe IP address fields.
 15. The system of claim 9 wherein the privatename server stores a plurality of MX records having Exchange-Dnamefields and Resource Domain Name fields, wherein the receiving mailserver codes are stored in the Exchange-Dname fields and domain namesfor which the plurality of receiving mail servers receive mail arestored in the Resource Domain Name fields.
 16. The system of claim 9wherein the plurality of receiving mail server codes are secret codes.17. A method for securely communicating a dynamic IP address of areceiving mail server to a delivering mail server comprising:registering a dynamic IP address and a receiving mail server code of areceiving mail server with a dynamic name server; and in response to arequest for the dynamic IP address of the receiving mail servertransmitted from a delivering mail server to a private name server:searching resource records in the private name server for a recordcontaining the dynamic IP address, transmitting a request for thedynamic IP address from the private name server to the dynamic nameserver, the request including the receiving mail server code, extractingthe dynamic IP address from the dynamic name server based on thereceiving mail server code, and transmitting the dynamic IP address tothe delivering mail server.
 18. The method of claim 17 whereinregistering a dynamic IP address and a receiving mail server codecomprises: allocating memory for an A record having a Resource DomainName field and an IP address field; storing the receiving mail servercode in the Resource Domain Name field; and storing the dynamic IPaddress in the IP address field; and transmitting a name registrationrequest including the A record from the receiving mail server to thedynamic name server.
 19. The method of claim 17 further comprisingstoring the receiving mail server code and a domain name of thereceiving mail server with the private name server.
 20. The method ofclaim 19 wherein storing the receiving mail server code and a domainname of the receiving mail server comprises: allocating memory for an MXrecord having a Resource Domain Name field and an Exchange-Dname field;storing the receiving mail server code in the Exchange-Dname field; andstoring the domain name of the receiving mail server in the ResourceDomain Name field.
 21. The method of claim 17 further comprisinggenerating the receiving mail server code and storing the receiving mailserver code in the receiving mail server.
 22. The method of claim 17wherein registering a dynamic IP address and a receiving mail servercode comprises registering a dynamic IP address and a secret receivingmail server code with the dynamic name server.
 23. A computer-readablemedium having computer-executable instructions for performing stepscomprising: (a) identifying a routeable dynamic IP address received froma network; and (b) registering a receiving mail server code and thedynamic IP address with a dynamic name server.
 24. The computer-readablemedium of claim 23 having computer executable instructions forperforming steps further comprising after step (b), (c) requestingdelivery of electronic mail from a delivering mail server; and (d)receiving electronic mail routed to the dynamic IP address from thedelivering mail server.
 25. The computer-readable medium according toclaim 23 wherein step (b) comprises: allocating memory for an A recordhaving a Resource Domain Name field and an IP address field; storing thereceiving mail server code in the Resource Domain Name field; andstoring the dynamic IP address in the IP address field; and transmittinga name registration request including the A record from the receivingmail server to the dynamic name server.
 26. The computer-readable mediumof claim 24 comprising, after step (d), unregistering the receiving mailserver code and the dynamic IP address from the dynamic name server. 27.A computer-readable medium having stored thereon a data structure, thedata structure including an A record comprising: (a) a first data fieldcontaining data representing a receiving mail server code of a receivingmail server; and (b) a second data field containing data representing adynamic IP address of the receiving mail server.
 28. Thecomputer-readable medium of claim 27 wherein the first data fieldcomprises a Resource Domain Name Field and the second data fieldcomprises an IP Address field.
 29. A computer-readable medium havingstored thereon a data structure, the data structure including an MXrecord comprising: (a) a first data field containing data representing areceiving mail server code of a receiving mail server; and (b) a seconddata field containing data representing a domain name of a domain forwhich the receiving mail server receives mail.
 30. The computer-readablemedium of claim 29 wherein the first data field comprises anExchange-Dname field and the second data field comprises a ResourceDomain Name field.